Chapter 24. Internet Security and Acceleration Server 2004 Advanced Administration

Previous page
Table of content
Next page

IN THIS CHAPTER

  • Managing ISA

  • Modifying ISA

  • Creating New Firewall Policy Rules

  • Add SSL Tunnel Ports

  • Allowing FTP Upload and Download to External Servers

  • Troubleshooting

In Small Business Server a number of compromises are necessarily made to get everything working together in a friendly and efficient way. ISA is configured to protect each component of SBS but not in the textbook manner where ISA resides on its own separate server. Instead ISA uses a combination of access rules, application filters, web filters, server publishing, and intrusion detection to reach a level of security that small businesses can't enjoy otherwise.

Each small business using SBS is unique. Each has specific applications, business partners, security needs, and network configurations that require customizing which filters are active and how ISA helps you manage your network and keep it secure. Because these needs change over time, as the business grows, applications change, and security needs grow, it is important to have a good enough foundation in configuring ISA that the lessons learned can be applied to situations that will occur in the future.

If one thing can be said of the Internet, it's that security needs continue to increase as our dependence on the Internet increases. Fortunately for ISA users, when issues like the release of MSBlast occurred, ISA networks were not endangered. ISA was and is smart enough to tell the difference between a legitimately formatted RDP request and a dangerous one. This was due to the powerful filtering combinations it is capable of. Of course we still had to patch our workstations, but it wasn't because our firewall was going to let the worm through, it was only to prevent our workstations from getting infected by a visiting infected laptop. Patching in this manner is a much less panic-driven affair and could be handled by the normal workstation patching process. Given the large bull's eye that ISA wears by virtue of being Microsoft's flagship security product, ISA's excellent track record of never having been breached when configured properly is impressive.

The first section of this chapter points out some additional features and customizations that can be made for more efficient network management and explains the various types of filters and filter elements. The second section presents a few scenarios for allowing or preventing various types of network traffic and Internet privileges for users. These are meant to be generic enough examples that the lessons learned can be applied to other situations that may arise on a small business network.



Previous page
Table of content
Next page
Microsoft Small Business Server 2003 Unleashed
Microsoft Small Business Server 2003 Unleashed
ISBN: 0672328054
EAN: 2147483647
Year: 2005
Pages: 253
Authors: Eriq Oliver Neale
BUY ON AMAZON
High-Speed Signal Propagation[c] Advanced Black Magic
C++ GUI Programming with Qt 3
SQL Hacks
C++ How to Program (5th Edition)
Cisco IOS Cookbook (Cookbooks (OReilly))
Logistics and Retail Management: Emerging Issues and New Challenges in the Retail Supply Chain
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy